US authorities arrested the Russian national Egor Igorevich Kriuchkov (27) after attempting to recruit an employee at a targeted company to plant a piece of malware. The man was arrested on August 22 and appeared in court on August 24. Kriuchkov offered $1 million to the unfaithful employee of the US company.
“Egor Igorevich Kriuchkov, 27, a citizen of Russia, was charged in a complaint with one count of conspiracy to intentionally cause damage to a protected computer. He was arrested on Aug. 22, 2020, in Los Angeles and had his initial appearance before U.S. Magistrate Judge Alexander F. MacKinnon in U.S. District Court in Los Angeles, California, who ordered Kriuchkov detained pending trial.” states the DoJ’s press release.
“According to the complaint and statements made in court, from about July 15, 2020 to about Aug. 22, 2020, Kriuchkov conspired with associates to recruit an employee of a company to introduce malware.”
Kriuchkov conspired with other criminals to recruit the employee of an unnamed company in Nevada.
Kriuchkov entered the United States on July 28 using his Russian passport and a tourist visa.
The Russian man and his co-conspirators were planning to exfiltrate data from the network of the company and blackmail the organization to leak stolen data, unless the company paid a ransom demand.
Kriuchkov exposed his plan to the employee after multiple meeting, he also told the employee that the previous victim organizations had paid millions of dollars to avoid the public release of the stolen data.
“He explained the malware attacks the systems in two ways. Firstly, the malware appears to be an external DDoS attack. This attack occupies the
company’s computer security staff and conceals the second attack.” complete the reason. “The second attack exfiltrates data from the computer network and into the possession of the “group.” The “group” later contacts the company and threatens to make the data public if the company does not pay a large ransom.”
The crooks were planning to launch a DDoS attack as a diversionary tactic, then to exfiltrate the data.
The Russian national provided the employee with a burner phone, instructed him to communicate through a TOR browser, to set up a Bitcoin wallet to receive payment. The man asked the employee to leave the burner phone in airplane mode until the money transfer was completed.
The FBI was able to physically witness some of the meetings between Kriuchkov and the employee.
“After being contacted by the FBI, Kriuchkov drove overnight from Reno, Nevada, to Los Angeles. Kriuchkov asked an acquaintance to purchase an airline ticket for him in an attempt to fly out of the country.” concludes the DoJ. “The charges and allegations contained in a complaint are merely accusations. The defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.”
(SecurityAffairs – hacking, Russian national)